Mjukvara, Hårdvara eller Virtuellt. Ert val...

Software Appliance

Guardian is available as an independent software appliance, which means it comes as a complete package with its own operating system (Linux) and can be installed on standard hardware, easily converting an entry-level server into a dedicated security appliance. The benefits of utilising standard hardware are that processing power and memory can be specified to suit, and service agreements with regular suppliers can be leveraged. With a software appliance, the components can also be downloaded and installed immediately. No knowledge of Linux is required.

Hardware Appliance: Secure Web Gateway (SWG)

The Guardian Secure Web Gateway offers the same feature set as the software appliance version of Guardian, but on a 1U rack-mounted appliance. The SWG also supports Bridge Mode (transparent inline proxy). Licensing is flexible and incremental updates and major upgrades can be installed without having to replace the appliance itself.

Virtual Appliance

Guardian can also be installed on a virtual server. Virtual machines come with a number of advantages including better utilisation, scalability and resilience – as well as reduced power bills. As a software appliance, Guardian is tried and tested on a VMware platform and includes the necessary tools to enable full communication between the host and the guest.

UTM/Firewall Module

Guardian can also be supplied in software form as an add-on module for Smoothwall’s UTM appliances and firewalls. The web security and content filtering module offers the same full feature set as our Guardian products. It integrates seamlessly with our firewall, VPN, IPS, anti-virus, email security and load balancing components to form a powerful all-in-one security solution.

Mobile Guardian (remote laptop filtering)

For policy compliance and legal reasons, many organisations now need to ensure that any Internet browsing that takes place on their equipment is controlled. Mobile Guardian is a desktop client that allows filtering policies to be enforced regardless of location. When laptops return to the network, log files of the remote browsing that has taken place are automatically uploaded and filtering policies updated.

* The IWF is a recognised organisation working in partnership with the police, governments, and the wider online community to combat the availability of criminally obscene content on the Internet.

** Guardian is a UK Government Department of Education (formerly Becta) accredited filtering solution and meets UK national standards for Internet filtering products used in education.

Search Engine Filtering Filter, monitor and report upon search terms used and force "safe search" on popular search engines.

Logging, Filtering and Censoring of Instant Messenger Applications Control and monitor the use of Instant

Messaging applications. IM file transfers and attachments can be logged or blocked and selected words or phrases can be censored and set to trigger alerts with reponses sent direct to users' messaging clients. Encrypted Instant Messaging is also supported.

Block Advertising and Cookies Advertising and cookies can be automatically blocked.

Unified Policy Tools and Wizards Unified, easy to use policy setting tools with policy and configuration wizards. With unlimited groups and 'per user' policies and the ability to combine policies with multi-group membership.

Policy Based Controls Different filtering policies can be created and set for different groups of users, in accordance with organisation policy or the AUP.

Whitelist mode Users can only access a customised list of 'allowed' sites.

Default 'Safe' Configuration Guardian can be installed with a default 'safe' configuration which filters out a standard range of illegal and objectionable content. Note: Guardian's default 'safe' configuration matches the requirements of CIPA and BECTA standards.

Stealth Mode Web pages are filtered and logged as normal, but are not blocked, allowing administrators to monitor activity without affecting users (useful when testing a new installation as it allows the filtering rules to be fine-tuned before 'going live').

Mobile Device Filtering Mobile Guardian allows many devices (iOS,OSX,Windows) to be actively filtered and controlled according to the organization’s policies in or out of the home network. Android will be supported during 2012.

Guest Mobile Device Filtering Guest devices can be accomodated on the network and filtered according to the organization’s policies.

Authentication

Authentication Features Integrate with User Authentication systems Control access based on authenticated identity as opposed to assumed identity derived from a computer’s IP address (supports Microsoft Active Directory®, Novell eDirectory, and other LDAP systems).

Multiple Filter Groups Different filter policies can be allocated to up to 100 different groups of users. Particular users can also be configured not to be subject to any filtering at all.

Transparent Proxy Mode System administration is simplified with support for NTLM authentication in transparent proxy mode; which avoids the need to configure proxy settings for each user computer.

Password-Protected Authentication The use of NTLM with password verification provides seamless single sign-on without the need for users to log in or enter their Windows ID/password again.

Operation

Optional Bridge Mode (Transparent Inline Proxy) SWG Appliance Only Drop in' deployment - allows the appliance to be deployed inline between a switch and a perimeter firewall for ease of installation and configuration.

Rate Limiter by URL The speed or rate at which the proxy server can download information from the Internet can be limited. Bandwidth use can also be limited for specific URLs.

Drill Down to a Single User or IP Reports include the user name and IP address of the user PC so AUP violators can be quickly identified. A drill-down facility allows data to be explored to a greater depth - e.g., from a list of blocked sites that users have attempted to access, drill-down to find out which users have been trying to access any particular site. It is possible to view the entire browsing history (including time spent browsing) of a single user.

Automated Reports User-specific reports can be automatically time-scheduled to run on a daily or weekly basis. Reports can also be automatically saved or distributed to recipient lists via email.